Facebook Switching To HTTPS By Default

Trailrunner7 writes "Facebook this week will begin turning on secure browsing by default for its millions of users in North America. The change will make HTTPS the default connection option for all Facebook sessions for those users, a shift that gives them a good baseline level of security and will help prevent some common attacks. Facebook users have had the option of turning on HTTPS since early 2011 when the company reacted to attention surrounding the Firesheep attacks. However, the technology was not enabled by default and users have had to opt-in and manually make the change in order to get the better protection of HTTPS."

Need password

[jfdavis668]

Would be helpful if I didn't need a password to read the linked article.

Re:How long does it take to get a cert?

[Culture20]

They've had a cert (and an https only option) for years. They apparently finally have the computing power to make it default ( it's not free to encrypt every little transaction, and their pages auto update).

Re:How long does it take to get a cert?

[ewieling]

If you only use SSL when you have something to protect, then you are telling any attacker (including a government "attacker") exactly which data you think is important.